In the crypto-environment, there are certain phrases that are repeated, almost as if they were mantras. In this sense, today we are called upon to understand the phrase “not your keys, not your coins“, and we will do so by knowing the difference between a guarded wallet and a non-custodied one.
When we enter this ecosystem, as a kind of warning, we are informed that we are solely responsible for the security of our funds. However, we know that old habits die hard.
Therefore, there are certain solutions that allow us to share and even completely delegate the custody of our funds, while we gain confidence and launch ourselves into a gradual entry into the decentralized world. Let’s take a look at the differences between these types of wallets, plus the risks and benefits that both types entail.
How does a custodial wallet differ from a non-custodial wallet?
We are facing a case in which the names that identify both tools clearly specify their differences. In non-custodial wallets, it is the users who have sole and complete custody of their own funds.
You can imagine the obvious: in wallets with custody, users delegate the custody of their funds to a third party, which acts as the “watchdog” in charge of ensuring the integrity of the cryptocurrencies of those who delegate their trust in it.
Anyway, before we continue evaluating these different tools that the crypto world offers us to manage our funds, it is necessary to make a clarification.
What do we talk about when we talk about custody of funds?
The time has come to introduce an explanation of the phrase mentioned in the introduction of our article: not your keys, not your coins. In the crypto ecosystem, to speak of custodian, holder or the one who has access to the funds, is to allude to the one who is in possession of the wallet’s private key, which we usually keep in the form of a 12 or, in some cases, 24-word phrase.
But what is this private key and the famous phrases about? When we create a wallet in the crypto world, what we are doing is giving birth to a pair of keys. On the one hand, the public key or address, a long succession of characters that identify us within the blockchain. We could compare it to our IBAN or bank CBU in the traditional world. When we request a remittance of funds, it will be this public address that we will share.
To dispose of the funds hosted by this public address (I mean send them to another address or deposit them in an application) it is necessary to sign a transaction. To perform this signature, it is necessary to have the private key. This is another long string of characters, which must be stored and never shared under any circumstances. So, when we click on “send”, we are approving a transaction by giving our signature using our private key.
Ultimately, the custodian of the funds is the one who holds this private key. However, wallets give us a hand when it comes to storing this key. It “goes through” an algorithm, by means of which a phrase of 12 or 24 words is obtained. In this way, whoever has the famous seed phrase will have access to the wallet, to the private key and therefore will have access to the funds.
I hope that, after this brief explanation, the phrase “not your keys, not your coins” has become clearer.
Wallets with custody
As we have seen, in this type of wallets, the user is not the one who holds the private key or the seed phrase, which gives access to the funds. In this type of wallets, the custody of the access to the funds is delegated to someone else.
Let’s look at two species within this genre.
Wallets with custody, the case of exchanges
Exchanges generate, for newcomers to this world, great confusion. How can it be so cheap to mobilize funds within an exchange compared to the costs in a blockchain? By answering this extremely common question, we will be able to understand what kind of service these important players in the ecosystem provide us with.
When we create an account in an exchange, it assigns us a public address to which we can send our cryptocurrencies. Now, we understand what they did:
- Create a wallet
- Assign us the public address to be able to send our cryptomonedas
- Take care of private key management and secure storage of the seed phrase
In this way, by different methods, they manage to relate the address with our wallet within the exchange. Thus, if we send ETH to our deposit address in an exchange, after a few minutes we will be able to see those ETH “inside” the account we have there.
The reality is, those ETH are on the blockchain, they are not on the exchange, and the holder of those funds is the public address we send them to. What do we have inside the exchange then? A representation of those funds that will never leave the blockchain.
Summarizing this explanation, when we send our funds to an exchange, we are sending them to a wallet to which we do not have access, but the custody of its private key is in charge of the exchange.
The risks of custodial wallets are clear:
- Key storage attacks
- Insolvency of the exchange
On the other hand, the benefits of non-custodial wallets are:
- User forgets about private key management and storage
In these days, we have witnessed how Celsius, when declaring its insolvency, blocked the withdrawal of user funds. A graphic example of how “not your keys, not your coins” can affect us.
Custodial wallets, outsourcing services
Although the final effect is the same, the user delegates to a third party the holding and management of the private key that gives access to the funds, there are differences in the service provided by these companies.
When creating one of these wallets, those who provide this service are in charge of securely storing the 12 or 24-word phrase that allows “recovering” or “reestablishing” the wallet and, therefore, accessing the funds.
The difference is that, in this case, users interact with the blockchain every time they access the wallet. The risks, however, are similar. The companies that provide these services, although they usually keep the keys “cold” or far from any network or server, can be targets of attacks, since they usually handle funds of real importance. While the possibility of the disappearance of these companies and with them the cryptocurrencies they guard, is always a latent possibility.
Here the great benefit that a user finds is that, in case of losing his seed phrase, this third party enters the scene in order to restore access to the funds. In any case, the peace of mind of not being the only one responsible for the custody of the funds, implies the need to trust that a third party will do it better than us.
Non-custodial wallets
At this point, it is where each of the maximalists of each existing blockchain, put aside their differences to agree that this type of wallets, are those that go hand in hand with the sense of the crypto world. The independence and freedom that Bitcoin or Ethereum seeks to provide to its users can only be enjoyed to the fullest with a wallet in which the user is the only one with access to his private key or seed phrase and, consequently, to his funds.
It is worth remembering that the wallet is nothing more than an interface or a nice way to see our observing and disposing of our holdings in a blockchain. Thus, by creating a wallet and writing down our 12 words on a piece of paper, or why not by writing down our private phrase, its complex equivalent, we are saving the access to the funds hosted on the blockchain.
By this I mean, that quietly if we do not feel comfortable with the interface of the wallet we are using, without hesitation we can, by means of our seed phrase we can “recover” our wallet and observe our funds in an interface suitable to our requirements.
Anyway, we have options to choose from when it comes to choosing a custodied wallet. Let’s review the most important types.
Hot wallets
Undoubtedly, the most used, convenient and practical (and also free). The downside of these benefits is that they are a little less secure than cold wallets. Let’s understand why.
A hot wallet, such as Bitnovo’s wallet, is a piece of software that any user downloads to a device with internet access. Thus, both the private key and the seed phrase are stored, in most cases, on the user’s device. For example, as explained in this article, we can find our seed phrase in the Bitnovo wallet.
This means that, in the event that our device is compromised or becomes a victim of a hack, any malicious actor could be closer to gaining access to our funds. Because of the existence of this risk, it is necessary for every user to be extremely cautious in:
- Security of the device on which you download your wallets
- Managing your passwords
- Storage of your seed phrase or private key
By following these three simple but demanding rules, the funds will be safe. However, for those who do not sleep safely knowing these potential risks, there is another type of solution.
Cold wallets
The hot wallet indicates the risk involved in owning a device connected to the Internet, while the cold wallet refers to the remoteness of these wallets from the world of the web.
So a “cold wallet” is a device that generates a public and private key pair, plus its corresponding translation into a seed phrase, without being connected to the internet. This is the reason why it is said that the private key is generated cold.
Now, you may well ask, how do we interact with the blockchain if these devices do not have access or connection to the internet? The solution is achieved through a “hot wallet”. Cold wallets can be connected to a computer or cell phone via a USB cable or, the more modern ones, via Bluetooth technology.
The interesting thing about this interaction is that it is done through the hot wallet interface, but transactions must be approved on the device or cold wallet, so that our private key never comes into contact with the device connected to the Internet.
Final words
When deciding which wallet to use in the crypto world, we must take into account a large number of factors that will have an important impact on our daily lives.
Beyond those parameters, the first question that every user should ask himself is, do I want to be the only one responsible for accessing my funds or do I prefer to share or directly delegate that responsibility to a third party?
Although the phrase “solely responsible for the funds” or the storage of the seed phrase in a secure manner may generate some apprehension, the freedom of the crypto world demands an active participation on the part of the user and in busy times, the full availability of the funds becomes an important asset.
This ecosystem aims to differentiate itself from the traditional world, through its tools and its particular philosophy. In this sense, “not your keys, not your coins” is a phrase that never loses its relevance.
